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CLAIMS 

1. A method for notifying a central authority of 
iges to a trusted computing installation, comprising 

the s\eps of: 

^mining that a user has made a security 
modification to a portion of the trusted computing 
installationWder user control; 

determining that the security modification is a 
notification evenVof interest; and 

sending the cenW authority a notification of the 
security modification. 



2 . The method as described in Claim 1 wherein the 
notification event is a f ailed\applet signature 

15 verification. 

3. The method as described inVlaim 1 wherein the 
notification event is an addition of a\ertificate in a 
certificate database. 
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4. The method as described in Claim 1 Wrein the 
notification event is a modification of a certificate in 
a certificate database. 

5. The method as described in Claim 1 wherein W 
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notification is an SNMP alert, 



The method as described in Claim 1 wherein the 
notification is an e-mail. 

7. Thfe method as described in Claim 1 wherein the 
notification lk a log in an online database. 

8. The method as described in Claim 1 wherein the 
10 notification is a screen message. 

9. A method of notifying a central authority of 
changes to a trusted computing installation, comprising 
the steps of: 

15 determining that a user hak made a security 

modification to a portion of the trusted computing 
installation under user control; 

invoking a security notification Wnager class; 
instantiating the security manager Vlass with an 
20 instance that determines that the security\modif ication 
is a notification event of interest; and 

sending the central authority a notif ication of the 
security modification. 
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10. The method as described in Claim 9 whereimthe 
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\notif ication is selected from a group of notifications 
consisting of: an S1SIMP alert, an e-mail, a database log, 
and a screen message. 

5 The method as described in Claim 9 wherein the 

determining step executes a given control routine when 
the user has made a security modification to a portion of 
the trusted computing installation under user control. 

10 12. The me\hod as described in Claim 11 wherein the 

portion of the trusted computing installation is an 
applet signature verification routine. 

13. The method as described in Claim 11 wherein the 
15 portion of the trusted computing installation is a 

certificate modification routine. 

14. A method for notifying V central authority of 
changes to a trusted computing installation, comprising 

20 the steps of: \ 

upon a given security modification^ invoking a 
security notification manager class; \ 

extending the security notification manager class 
with one of a set of instances, wherein a giv&n instance 
25 determines that the security modification is a \ 
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notification event of interest; and 

sending the central authority a notification of the 
security modification. 

5 lk. A computer program product in a 

computer\iseable medium for notifying an authority of 
changes toV trusted computing installation, comprising: 
a security notification manager class; 
at least o\e class instance for the security 
10 notification manager class for determining that a given 
security modification is a notification event of 
interest; and 

means for sending tke authority a notification of 
the given security modification. 



16. The computer program product as described in 
Claim 15 wherein the notif icationv is selected from a 
group of notifications consisting of: an SNMP alert, an 
e-mail, a database log, and a screen message. 



17. The computer program product asNdescribed in 
Claim 15 further including a control routines for 
determining when the user has made a security 
modification to a portion of the trusted computing 
25 installation to generate the given security modification. 
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\ 18. A computer program product in a 
computer- readable medium for notifying an authority of 
5 changes\to a trusted computing installation, comprising: 
a control routine executed upon a given security 
modification in the trusted computing installation for 
invoking an abstract Java class; 

at least ofoe class instance for the abstract Java 
10 class for determining that the given security 

modification is a notification event of interest; and 

means for sending^ the authority a notification of 
the given security modification . 

15 19. A trusted computing base, comprising: 

untrusted code executing aSn the trusted computing 
base; \ 

means operative as the untrusted code is executed 
for determining whether a given security modification has 
20 occurred; \ 

means responsive to the occurrence of\ the given 
security modification for invoking a security 
notification manager class that issues a givenV 
notification. \ 
25 \ 
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20. The trusted computing base as described in 
Claifo 19 further including a set of one or more security 
notification manager class instances, wherein a given 
security notification manager class instance extends the 

5 security Notification manager class to identify a given 
security modification of interest, 

21. The ftrusted computing base as described in 
Claim 20 wherein\a given security manager class instance 

10 includes at least first and second rules, wherein the 
first rule triggers k first notification and the second 
rule triggers a secondNnotif ication. 

22. A notification service for a trusted computing 
15 installation, comprising: 

a pluggable framework f or\receiving a set of 
notification objects, wherein ea<sh notification objects 
identifies a given notification thkt is issued upon a 
given security modification to the trusted computing 
20 installation; and 

means for issuing the given notification upon the 
occurrence of its associated security modification. 



23. The notification service as described in Claim 
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25 22 wherein the given notification is selected ftvom a 
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